Lucene search
AmazonALAS2-2020-1527HistoryOct 22, 2020 - 6:15 p.m.
Low: libosinfo
2020-10-2218:15:00
alas.aws.amazon.com
7
Issue Overview:
A flaw was found in libosinfo, version 1.5.0, where the script for automated guest installations, ‘osinfo-install-script’, accepts user and admin passwords via command line arguments. This could allow guest passwords to leak to other system users via a process listing. (CVE-2019-13313)
Affected Packages:
libosinfo
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update libosinfo to update your system.
New Packages:
aarch64:
libosinfo-1.1.0-5.amzn2.aarch64
libosinfo-devel-1.1.0-5.amzn2.aarch64
libosinfo-vala-1.1.0-5.amzn2.aarch64
libosinfo-debuginfo-1.1.0-5.amzn2.aarch64
i686:
libosinfo-1.1.0-5.amzn2.i686
libosinfo-devel-1.1.0-5.amzn2.i686
libosinfo-vala-1.1.0-5.amzn2.i686
libosinfo-debuginfo-1.1.0-5.amzn2.i686
src:
libosinfo-1.1.0-5.amzn2.src
x86_64:
libosinfo-1.1.0-5.amzn2.x86_64
libosinfo-devel-1.1.0-5.amzn2.x86_64
libosinfo-vala-1.1.0-5.amzn2.x86_64
libosinfo-debuginfo-1.1.0-5.amzn2.x86_64
Additional References
Red Hat: CVE-2019-13313
Mitre: CVE-2019-13313
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 2 | aarch64 | libosinfo | < 1.1.0-5.amzn2 | libosinfo-1.1.0-5.amzn2.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | libosinfo-devel | < 1.1.0-5.amzn2 | libosinfo-devel-1.1.0-5.amzn2.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | libosinfo-vala | < 1.1.0-5.amzn2 | libosinfo-vala-1.1.0-5.amzn2.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | libosinfo-debuginfo | < 1.1.0-5.amzn2 | libosinfo-debuginfo-1.1.0-5.amzn2.aarch64.rpm |
| Amazon Linux | 2 | i686 | libosinfo | < 1.1.0-5.amzn2 | libosinfo-1.1.0-5.amzn2.i686.rpm |
| Amazon Linux | 2 | i686 | libosinfo-devel | < 1.1.0-5.amzn2 | libosinfo-devel-1.1.0-5.amzn2.i686.rpm |
| Amazon Linux | 2 | i686 | libosinfo-vala | < 1.1.0-5.amzn2 | libosinfo-vala-1.1.0-5.amzn2.i686.rpm |
| Amazon Linux | 2 | i686 | libosinfo-debuginfo | < 1.1.0-5.amzn2 | libosinfo-debuginfo-1.1.0-5.amzn2.i686.rpm |
| Amazon Linux | 2 | x86_64 | libosinfo | < 1.1.0-5.amzn2 | libosinfo-1.1.0-5.amzn2.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | libosinfo-devel | < 1.1.0-5.amzn2 | libosinfo-devel-1.1.0-5.amzn2.x86_64.rpm |
Related
nessus
nessus
CentOS 7 : libosinfo (CESA-2020:1051)
2020-04-10 00:00:00
EulerOS 2.0 SP2 : libosinfo (EulerOS-SA-2019-1854)
2019-09-17 00:00:00
EulerOS Virtualization for ARM 64 3.0.2.0 : libosinfo (EulerOS-SA-2019-1952)
2019-09-17 00:00:00
centos
centos
libosinfo security update
2020-04-08 18:24:54
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:2273-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for libosinfo (EulerOS-SA-2019-1821)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libosinfo (EulerOS-SA-2020-1786)
2020-07-03 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: mingw-libosinfo-1.2.0-2.fc29
2019-07-19 03:07:13
[SECURITY] Fedora 30 Update: libosinfo-1.4.0-4.fc30
2019-07-26 01:00:45
[SECURITY] Fedora 29 Update: libosinfo-1.2.0-8.fc29
2019-07-26 01:51:21
oraclelinux
oraclelinux
libosinfo security and bug fix update
2020-04-06 00:00:00
osinfo-db and libosinfo security and bug fix update
2019-11-14 00:00:00
cvelist
cvelist
CVE-2019-13313
2019-07-05 13:22:02
redhatcve
redhatcve
CVE-2019-13313
2019-07-08 06:52:24
osv
osv
CVE-2019-13313
2019-07-05 14:15:11
redhat
redhat
(RHSA-2020:1051) Low: libosinfo security and bug fix update
2020-03-31 09:12:48
(RHSA-2019:3387) Low: osinfo-db and libosinfo security and bug fix update
2019-11-05 17:39:24
cve
cve
CVE-2019-13313
2019-07-05 14:15:00
ubuntucve
ubuntucve
CVE-2019-13313
2019-07-05 00:00:00
alpinelinux
alpinelinux
CVE-2019-13313
2019-07-05 14:15:00
debiancve
debiancve
CVE-2019-13313
2019-07-05 14:15:00
veracode
veracode
Information Disclosure
2019-11-06 00:20:48
prion
prion
Design/Logic Flaw
2019-07-05 14:15:00
mageia
mageia
Updated libosinfo packages fix security vulnerability
2021-07-10 15:56:54